--- a/mod_auth_imap/auth_imap/sasl_imap.lib.lua	Tue Jan 20 11:02:14 2015 +0000
+++ b/mod_auth_imap/auth_imap/sasl_imap.lib.lua	Sun Jan 25 13:04:02 2015 +0100
@@ -112,7 +112,7 @@
 end
 
 -- create a new SASL object which can be used to authenticate clients
-function _M.new(realm, service_name, host, port, ssl_params, append_host)
+function _M.new(realm, service_name, host, port, ssl_params, append_host, strip_host)
 	log("debug", "new(%q, %q, %q, %d)", realm or "", service_name or "", host or "", port or 0);
 	local sasl_i = {
 		realm = realm;
@@ -121,13 +121,14 @@
 		_port = port;
 		_ssl_params = ssl_params;
 		_append_host = append_host;
+		_strip_host = strip_host;
 	};
 
 	local conn, mechs = connect(host, port, ssl_params);
 	if not conn then
 		return nil, "Socket connection failure";
 	end
-	if append_host then
+	if append_host or strip_host then
 		mechs = { PLAIN = mechs.PLAIN };
 	end
 	sasl_i.conn, sasl_i.mechs = conn, mechs;
@@ -141,7 +142,7 @@
 		self.conn = nil;
 	end
 	log("debug", "method:clean_clone()");
-	return _M.new(self.realm, self.service_name, self._host, self._port, self._ssl_params, self._append_host)
+	return _M.new(self.realm, self.service_name, self._host, self._port, self._ssl_params, self._append_host, self._strip_host)
 end
 
 -- get a list of possible SASL mechanisms to use
@@ -177,8 +178,12 @@
 function method:process(message)
 	local username = mitm[self.selected](message);
 	if username then self.username = username; end
-	if self._append_host and self.selected == "PLAIN" then
-		message = message:gsub("^([^%z]*%z[^%z]+)(%z[^%z]+)$", "%1@"..self.realm.."%2");
+	if self.selected == "PLAIN" then
+		if self._append_host then
+			message = message:gsub("^%Z*(%z[^%z@]+)@?%Z*(%z%Z+)$", "%1@"..self.realm.."%2");
+		elseif self._strip_host then
+			message = message:gsub("^(%Z*%z[^@%z]+)@%Z+", "%1");
+		end
 	end
 	log("debug", "method:process(%d bytes): %q", #message, message:gsub("%z", "."));
 	local ok, err = self.conn:send(b64(message).."\n");